update

starway · Sep 12, 2017 · 6cfa3d9 · 6cfa3d9
1 parent 90140fb
commit 6cfa3d9
Show file tree

Hide file tree

Showing 4 changed files with 69 additions and 65 deletions.
diff --git a/imooc-security-app/src/main/java/com/imooc/security/app/ImoocAuthorizationServerConfig.java b/imooc-security-app/src/main/java/com/imooc/security/app/ImoocAuthorizationServerConfig.java
@@ -16,6 +16,7 @@
 import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
 import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
 import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
+import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
 import org.springframework.security.oauth2.provider.token.TokenEnhancer;
 import org.springframework.security.oauth2.provider.token.TokenEnhancerChain;
 import org.springframework.security.oauth2.provider.token.TokenStore;
@@ -30,57 +31,60 @@
  */
 @Configuration
 @EnableAuthorizationServer
-public class ImoocAuthorizationServerConfig{}// extends AuthorizationServerConfigurerAdapter {
-//
-//	@Autowired
-//	private UserDetailsService userDetailsService;
-//
-//	@Autowired
-//	private AuthenticationManager authenticationManager;
-//
-//	@Autowired
-//	private TokenStore tokenStore;
-//	
-//	@Autowired(required = false)
-//	private JwtAccessTokenConverter jwtAccessTokenConverter;
-//	
-//	@Autowired(required = false)
-//	private TokenEnhancer jwtTokenEnhancer;
-//
-//	@Autowired
-//	private SecurityProperties securityProperties;
-//
-//	@Override
-//	public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
-//		endpoints.tokenStore(tokenStore)
-//				.authenticationManager(authenticationManager)
-//				.userDetailsService(userDetailsService);
-//		
-//		if(jwtAccessTokenConverter != null && jwtTokenEnhancer != null){
-//			TokenEnhancerChain enhancerChain = new TokenEnhancerChain();
-//			List<TokenEnhancer> enhancers = new ArrayList<>();
-//			enhancers.add(jwtTokenEnhancer);
-//			enhancers.add(jwtAccessTokenConverter);
-//			enhancerChain.setTokenEnhancers(enhancers);
-//			endpoints.tokenEnhancer(enhancerChain)
-//						.accessTokenConverter(jwtAccessTokenConverter);
-//		}
-//		
-//	}
-//
-//	@Override
-//	public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
-//		InMemoryClientDetailsServiceBuilder builder = clients.inMemory();
-//		if (ArrayUtils.isNotEmpty(securityProperties.getOauth2().getClients())) {
-//			for (OAuth2ClientProperties client : securityProperties.getOauth2().getClients()) {
-//				builder.withClient(client.getClientId())
-//						.secret(client.getClientSecret())
-//						.authorizedGrantTypes("refresh_token", "authorization_code", "password")
-//						.accessTokenValiditySeconds(client.getAccessTokenValidateSeconds())
-//						.refreshTokenValiditySeconds(2592000)
-//						.scopes("all");
-//			}
-//		}
-//	}
-//
-//}
+public class ImoocAuthorizationServerConfig extends AuthorizationServerConfigurerAdapter {
+
+	@Autowired
+	private UserDetailsService userDetailsService;
+
+	@Autowired
+	private AuthenticationManager authenticationManager;
+
+	@Autowired
+	private TokenStore tokenStore;
+
+	@Autowired(required = false)
+	private JwtAccessTokenConverter jwtAccessTokenConverter;
+
+	@Autowired(required = false)
+	private TokenEnhancer jwtTokenEnhancer;
+
+	@Autowired
+	private SecurityProperties securityProperties;
+
+	@Override
+	public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
+		endpoints.tokenStore(tokenStore).authenticationManager(authenticationManager)
+				.userDetailsService(userDetailsService);
+
+		if (jwtAccessTokenConverter != null && jwtTokenEnhancer != null) {
+			TokenEnhancerChain enhancerChain = new TokenEnhancerChain();
+			List<TokenEnhancer> enhancers = new ArrayList<>();
+			enhancers.add(jwtTokenEnhancer);
+			enhancers.add(jwtAccessTokenConverter);
+			enhancerChain.setTokenEnhancers(enhancers);
+
+			endpoints.tokenEnhancer(enhancerChain).accessTokenConverter(jwtAccessTokenConverter);
+		}
+
+	}
+
+	public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
+		security.tokenKeyAccess("permitAll()")
+				.checkTokenAccess("isAuthenticated()")
+				.allowFormAuthenticationForClients();
+	}
+
+	@Override
+	public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
+		InMemoryClientDetailsServiceBuilder builder = clients.inMemory();
+		if (ArrayUtils.isNotEmpty(securityProperties.getOauth2().getClients())) {
+			for (OAuth2ClientProperties client : securityProperties.getOauth2().getClients()) {
+				builder.withClient(client.getClientId()).secret(client.getClientSecret())
+						.authorizedGrantTypes("refresh_token", "authorization_code", "password")
+						.accessTokenValiditySeconds(client.getAccessTokenValidateSeconds())
+						.refreshTokenValiditySeconds(2592000).scopes("all");
+			}
+		}
+	}
+
+}
diff --git a/imooc-security-demo/.factorypath b/imooc-security-demo/.factorypath
@@ -75,7 +75,6 @@
     <factorypathentry kind="VARJAR" id="M2_REPO/commons-beanutils/commons-beanutils/1.9.3/commons-beanutils-1.9.3.jar" enabled="true" runInBatchMode="false"/>
     <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-configuration-processor/1.5.6.RELEASE/spring-boot-configuration-processor-1.5.6.RELEASE.jar" enabled="true" runInBatchMode="false"/>
     <factorypathentry kind="VARJAR" id="M2_REPO/com/vaadin/external/google/android-json/0.0.20131108.vaadin1/android-json-0.0.20131108.vaadin1.jar" enabled="true" runInBatchMode="false"/>
-    <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/session/spring-session/1.3.1.RELEASE/spring-session-1.3.1.RELEASE.jar" enabled="true" runInBatchMode="false"/>
     <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-starter-test/1.5.6.RELEASE/spring-boot-starter-test-1.5.6.RELEASE.jar" enabled="true" runInBatchMode="false"/>
     <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-test/1.5.6.RELEASE/spring-boot-test-1.5.6.RELEASE.jar" enabled="true" runInBatchMode="false"/>
     <factorypathentry kind="VARJAR" id="M2_REPO/org/springframework/boot/spring-boot-test-autoconfigure/1.5.6.RELEASE/spring-boot-test-autoconfigure-1.5.6.RELEASE.jar" enabled="true" runInBatchMode="false"/>
@@ -118,5 +117,6 @@
     <factorypathentry kind="VARJAR" id="M2_REPO/org/apache/commons/commons-collections4/4.0/commons-collections4-4.0.jar" enabled="true" runInBatchMode="false"/>
     <factorypathentry kind="VARJAR" id="M2_REPO/com/github/jknack/handlebars/4.0.6/handlebars-4.0.6.jar" enabled="true" runInBatchMode="false"/>
     <factorypathentry kind="VARJAR" id="M2_REPO/org/antlr/antlr4-runtime/4.5.1-1/antlr4-runtime-4.5.1-1.jar" enabled="true" runInBatchMode="false"/>
+    <factorypathentry kind="VARJAR" id="M2_REPO/io/jsonwebtoken/jjwt/0.7.0/jjwt-0.7.0.jar" enabled="true" runInBatchMode="false"/>
     <factorypathentry kind="PLUGIN" id="org.eclipse.jst.ws.annotations.core" enabled="true" runInBatchMode="false"/>
 </factorypath>
diff --git a/imooc-security-demo/src/main/java/com/imooc/web/controller/UserController.java b/imooc-security-demo/src/main/java/com/imooc/web/controller/UserController.java
@@ -73,14 +73,14 @@ public void regist(User user, HttpServletRequest request) {
 	@GetMapping("/me")
 	public Object getCurrentUser(Authentication user, HttpServletRequest request) throws ExpiredJwtException, UnsupportedJwtException, MalformedJwtException, SignatureException, IllegalArgumentException, UnsupportedEncodingException {
 
-		String token = StringUtils.substringAfter(request.getHeader("Authorization"), "bearer ");
-
-		Claims claims = Jwts.parser().setSigningKey(securityProperties.getOauth2().getJwtSigningKey().getBytes("UTF-8"))
-					.parseClaimsJws(token).getBody();
-
-		String company = (String) claims.get("company");
-
-		System.out.println(company);
+//		String token = StringUtils.substringAfter(request.getHeader("Authorization"), "bearer ");
+//		
+//		Claims claims = Jwts.parser().setSigningKey(securityProperties.getOauth2().getJwtSigningKey().getBytes("UTF-8"))
+//					.parseClaimsJws(token).getBody();
+//		
+//		String company = (String) claims.get("company");
+//		
+//		System.out.println(company);
 
 		return user;
 	}

diff --git a/imooc-security-demo/src/main/resources/application.properties b/imooc-security-demo/src/main/resources/application.properties
@@ -41,5 +41,5 @@ imooc.security.oauth2.clients[1].clientSecret = test
 
 #imooc.security.oauth2.tokenStore = redis
 
-security.oauth2.client.clientId = test
-security.oauth2.client.clientSecret = test
+#security.oauth2.client.clientId = test
+#security.oauth2.client.clientSecret = test